Imagine you are an Information Systems Security Officer for a medium-sized financial services firm that has operations in four (4) states (Virginia, Florida, Arizona, and California). Due to the highly sensitive data created, stored, and transported by your organization, the CIO is concerned with implementing proper security controls for the LAN-to-WAN domain. Specifically, the CIO is concerned with the following areas:
Protecting data privacy across the WAN
Filtering undesirable network traffic from the Internet
Filtering the traffic to the Internet that does not adhere to the organizational acceptable use policy (AUP) for the Web
Having a zone that allows access for anonymous users but aggressively controls information exchange with internal resources
Having an area designed to trap attackers in order to monitor attacker activities
Allowing a means to monitor network traffic in real time as a means to identify and block unusual activity
Hiding internal IP addresses
Allowing operating system and application patch management
The CIO has tasked you with proposing a series of hardware and software controls designed to provide security for the LAN-to-WAN domain. The CIO anticipates receiving both a written report and diagram(s) to support your recommendations.
Use MS Visio or an open source equivalent to graphically depict a solution for the provided scenario that will:
filter undesirable network traffic from the Internet
filter Web traffic to the Internet that does not adhere to the organizational AUP for the Web
allow for a zone for anonymous users but aggressively controls information exchange with internal resources
allow for an area designed to trap attackers in order to monitor attacker activities
offer a means to monitor network traffic in real time as a means to identify and block unusual activity
hide internal IP addresses
Identify the fundamentals of public key infrastructure (PKI).
Describe the manner in which your solution will protect the privacy of data transmitted across the WAN.
Analyze the requirements necessary to allow for proper operating system and application patch management and describe a solution that would be effective.